API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 16th, 2018
452
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.43 KB | None | 0 0
raw download clone embed print report
  1. LAB 1 - Twitter Recon
  2.  
  3. In this lab we will identify user accounts associated with a commercial premises and then target one user in order to establish their pattern of life.
  4.  
  5. Open your web browser and goto gps-coordinates.net
  6. Enter the address for your own company. What is it’s latitude? _____________ What is it’s Longitude?_____________
  7. Open a new tab and goto twitter.com
  8. Log into twitter, If you don’t have an account you can log in with;
  9. USER: recon_lab
  10. PASS: Pa$$w0rd
  11. Once you have logged in select the twitter search box at the top page and enter the following search;
  12. geocode:LATITUDE GOES HERE,LONGITUDE GOES HERE,0.050km
  13.  
  14. Once you have entered your own lat and long into the search terms you should have something that looks like this:
  15. Geocode:37.776692537,-122.4167751122,0.050km
  16. You have now isolated all of the tweets inside of a 50m radius of the lat and long you entered. Select on of the twitter handles and make a note of it here @_____________
  17. Open another tab in your browser and goto app.teachingprivacy.org
  18. In the top right of the page there is a box that says “@Username” enter the twitter handle you noted above and hit enter on your keyboard
  19. You can now see the recent movements of your chosen user. The grid in the top right shows you what time of day they tweeted VS what day. This allows you to establish what is known as “pattern of life”. Being able to predict where someone is at a certain time might be useful to the attacker to allow them to engage in face to face social engineering or network man in the middle attack (Look forward to man in the middle later).
  20. Daily patterns can be spotted by looking for vertical lines, Click on a few of the tweets in a vertical line and determine if they all come from the same location.
  21.  
  22. We have now identified many targets originating from a location of interest. In reality each of those twitter handles would seed it’s own open source investigation to determine each users value to the attack and discover other accounts that user might have. As an extra activity you can take the twitter handle you discovered and enter it into namechk.com. This site will show you where that username is available. What we are really interested in here is where it is NOT available because that tells us the other sites that the user has an account for us to investigate.
  23.  
  24. That is the end of this lab, Feel free to get a coffee and ask any questions you have.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!